As a Senior Consultant, assess compliance with PCI-DSS and SSF standards, guide clients through payment security complexities, and document findings.
Senior Consultant - SSF Assessor
at Tevora
Irvine, CA or Fairfax, VA
If you haven't heard of Tevora, it's because we've done our job!
Tevora is a tight-knit community of professionals with a shared passion for our craft. Every day, we combine in-depth knowledge of cybersecurity, technology, and compliance to help create more secure digital environments. To Tevorans, every problem is a puzzle in need of solving. We strongly believe that if we put smart, driven people in a room together, they will accomplish great things. We maintain a supportive culture that celebrates continuous learning, diverse perspectives, and sharing the wins. That's why we have our eyes on you.
What's the role?
Tevora is seeking a PCI QSA + SSF (Secure Software Framework) Consultant to join our growing Payments Compliance team. This team plays a crucial role in helping some of the world's largest organizations secure their payment systems and software, ensuring full compliance with PCI-DSS and SSF standards. As a key contributor, you will be responsible for guiding clients through the complexities of payment security and performing secure software validations.
The successful candidate will have exceptional attention to detail, a proactive attitude, and a passion for solving complex security challenges. Strong communication skills and technical writing abilities are essential, as you will be working closely with clients and documenting your findings. Staying current with evolving security standards and continuously improving your technical knowledge will be critical for success in this role.
A day in the life could include:
- Leading PCI-DSS assessments and Secure Software Standard validations for clients to ensure full compliance with payment security requirements.
- Performing Secure Software Standard testing procedures on payment applications, ensuring compliance with SSF guidelines.
- Writing detailed Secure Software Standard Reports on Validation (ROV), documenting findings and providing recommendations.
- Collaborating with development teams to help implement secure software practices and ensure PCI compliance.
- Supporting pre-sales efforts by scoping SSF-related engagements, preparing proposals, and participating in client presentations.
- Building and maintaining strong professional relationships with clients, offering expert guidance throughout the compliance process.
- Working closely with marketing to produce thought leadership content around PCI-DSS, SSF, and payment security trends.
Necessary skills and qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent professional experience.
- Secure Software Assessor Certification (with a valid listing on the PCI SSC website) is required.
- PCI Qualified Security Assessor (QSA) certification is also required.
- Experience performing at least one Secure Software Standard validation in the past year.
- Strong knowledge of Secure Software Standard testing procedures and the ability to apply these to payment applications.
- Demonstrated experience writing Secure Software Standard Reports on Validation (ROV) with attention to detail and clarity.
- Strong communication skills for building and maintaining relationships with clients.
- Ability to explain technical details clearly to non-technical stakeholders.
Bonus Points:
- Secure Software Lifecycle (SLC) Certification and experience is preferred but not required.
- Additional experience with other payment security standards, such as P2PE.
- Certifications such as CISSP, CISM, or CSSLP.
- Experience working with large, global organizations in complex compliance environments.
We've got you covered!
- Comprehensive benefits offering
- Paid time off and holidays
- 401k with Company match
- Vibrant work culture
Additional requirements:
- A valid driver's license is required.
- Eligibility to work in the United States.
- Must work a hybrid schedule at our Irvine, CA or Fairfax, VA office.
EEOC Statement
Tevora is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, disability status, or other applicable legally protected characteristics.
Top Skills
Pci Dss
Pci Qualified Security Assessor Certification
Secure Software Assessor Certification
Secure Software Framework
Secure Software Standard Testing Procedures
Similar Jobs
.png)
Artificial Intelligence • Blockchain • Fintech • Financial Services • Cryptocurrency • NFT • Web3
As an Offensive Security Engineer, you will conduct penetration testing, collaborate with teams on vulnerabilities, and support security incidents.
Top Skills:
GoJavaScriptOwaspPythonRubySans
Artificial Intelligence • Cloud • Information Technology • Sales • Security • Software • Cybersecurity
As a Cyber Threat Intelligence Analyst, you will investigate cyber threats, conduct OSINT research, and support customers with threat information and analyses.
Top Skills:
Cybersecurity FundamentalsOsint
Cloud • Computer Vision • Information Technology • Sales • Security • Cybersecurity
This role involves leading the Enterprise Identity Transformation, architecting IAM solutions, managing teams, and utilizing AI for identity management. It requires extensive experience in IAM infrastructure and proven leadership skills.
Top Skills:
Active DirectoryAWSAzureDelinea PamGCPIamOktaPythonSailpointTerraform
What you need to know about the Seattle Tech Scene
Home to tech titans like Microsoft and Amazon, Seattle punches far above its weight in innovation. But its surrounding mountains, sprinkled with world-famous hiking trails and climbing routes, make the city a destination for outdoorsy types as well. Established as a logging town before shifting to shipbuilding and logistics, the Emerald City is now known for its contributions to aerospace, software, biotech and cloud computing. And its status as a thriving tech ecosystem is attracting out-of-town companies looking to establish new tech and engineering hubs.
Key Facts About Seattle Tech
- Number of Tech Workers: 287,000; 13% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Amazon, Microsoft, Meta, Google
- Key Industries: Artificial intelligence, cloud computing, software, biotechnology, game development
- Funding Landscape: $3.1 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Madrona, Fuse, Tola, Maveron
- Research Centers and Universities: University of Washington, Seattle University, Seattle Pacific University, Allen Institute for Brain Science, Bill & Melinda Gates Foundation, Seattle Children’s Research Institute
